Foxit PDF Reader Heap Overflow

HIGH (7.8) No Patch

Threat Intelligence

Low Risk
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found


What is it?

Foxit PDF Reader is a widely used PDF viewer and editor. This vulnerability is triggered when the reader parses specially crafted JBIG2 image data embedded in a PDF: the decoder can write past the end of a heap-allocated buffer, and a successful exploit runs arbitrary code with the privileges of the user who opened the file.

Am I affected?

You're affected if you run Foxit PDF Reader version 8.3.0 or earlier. The fix shipped in 8.4.0, so 8.4.x and 9.x or later are not vulnerable. Read the installed version from the reader's About dialog (under the Help menu) or from the version information of the installed executable. Note that find is a Unix command and does not run on Windows; on Linux or macOS, find / -iname "*foxit*" 2>/dev/null locates the installed files, but the version itself still has to be read from the About dialog or the binary.

Note: This vulnerability is specific to Foxit PDF Reader, not other PDF viewers or editors like Adobe Acrobat or PDF-XChange Viewer.
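The comparison behind "8.3.0 or earlier" is easy to get wrong in a script: a plain string comparison ranks "10.1.4" below "8.4.0". The following POSIX sh snippet is an added example, not part of the original advisory, that compares dotted versions field by field against the 8.4.0 threshold this page names as the first fixed release. It assumes you supply the version text yourself (copied from the About dialog or the executable's version information); the sample strings at the bottom are constructed, not real inventory data.

```shell
#!/bin/sh
# Added example: numeric version check against the first fixed release named on this page (8.4.0).
# Assumption (not from the page): the version is passed in as text such as
# "Foxit Reader 8.3.0.14878", read from the About dialog or the binary's version resource.

FIXED_VERSION="8.4.0"   # first release the page names as fixed

# extract_version "Foxit Reader 8.3.0.14878" -> 8.3.0.14878
# Prints the first dotted numeric token in the input; returns 1 if there is none.
extract_version() {
    v=$(printf '%s\n' "$1" | grep -o '[0-9][0-9]*\(\.[0-9][0-9]*\)\{1,\}' | head -n 1)
    [ -n "$v" ] || return 1
    printf '%s\n' "$v"
}

# vercmp A B: prints -1, 0 or 1 comparing dotted versions component by component.
# Missing trailing fields count as 0, so 8.4 and 8.4.0 compare equal.
vercmp() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        ah=${a%%.*}; bh=${b%%.*}
        # drop the consumed head field (or empty the string when no dot remains)
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        ah=${ah:-0}; bh=${bh:-0}
        if [ "$ah" -lt "$bh" ]; then echo -1; return; fi
        if [ "$ah" -gt "$bh" ]; then echo 1; return; fi
    done
    echo 0
}

# foxit_affected "<about text or bare version>"
# Exit status 0 (true) when the version is below 8.4.0 (affected / unpatched),
# 1 when it is 8.4.0 or later, 2 when no version string could be found.
foxit_affected() {
    v=$(extract_version "$1") || return 2
    [ "$(vercmp "$v" "$FIXED_VERSION")" -lt 0 ]
}

# Constructed sample inputs (not real data) to show the three outcomes.
for sample in "Foxit Reader 8.3.0.14878" "Foxit Reader 8.4.0.16811" \
              "Foxit Reader 9.0.1" "Foxit Reader 10.1.4" "Foxit Reader (version unknown)"; do
    if foxit_affected "$sample"; then
        echo "AFFECTED     : $sample"
    else
        rc=$?
        if [ "$rc" -eq 2 ]; then
            echo "UNKNOWN      : $sample (no version string found)"
        else
            echo "not affected : $sample"
        fi
    fi
done
```

Run it with the version text pasted in place of the samples; a non-zero, non-2 exit from foxit_affected means the install is at or above the fixed release.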

Affected Products

Foxit Software / Foxit PDF Reader

How to fix

  1. Upgrade to Foxit PDF Reader version 8.4.0 or later from the official website: https://www.foxit.com/downloads/pdfr-reader/
  2. Until you can upgrade, treat PDFs from untrusted sources as hostile. The attack vector is a crafted file, not a network connection: the overflow occurs in the JBIG2 decoder while the document is rendered, so opening the file is enough to trigger it.
  3. Disabling JavaScript (Settings > Security > Enable/Disable JavaScript) removes a separate attack surface but does not stop the JBIG2 decoder from processing image streams, so do not treat it as a fix for this bug.
  4. Firewalling the host does not address this vulnerability, because the reader exposes no network service. Filter the delivery channels instead (scan PDF attachments at the mail gateway, block PDF downloads from untrusted sources) and keep OS exploit mitigations such as DEP and ASLR enabled to raise the cost of turning the overflow into code execution.

References